Implement ISO 27002 process model for privacy protection
This process map provides a process model view of the ISO 27002:2022 standard for Information security, cybersecurity and privacy protection from a privacy protection perspective.
ISO 27001 Annex A (cf. https://www.iso.org/standard/27001) provides a list of controls for compliance.
Below are some domains to be considered for controls in support of privacy protection:
Privacy Policy, Privacy Impact Assessment (PIA), Privacy by Design and Default, Consent and Choice, Individual Participation and Rights, Anonymization and Pseudonymization, Collection Limitation, Purpose Limitation, Data Minimization, Retention and Disposal, Data Quality, Openness/Transparency and Notice, Privacy Compliance, Privacy Review
Data Quality: implement controls to ensure the accuracy, completeness and reliability of personal information.
Explore the smart ProcessHorizon web app for automated SIPOC process mapping and design: https://processhorizon.com